The Monetary Authority of Singapore (MAS) recently ordered BSI Bank to shut down its merchant bank operations here over breaches of anti-money laundering (AML) rules, poor management oversight and gross misconduct by some bank staff ("1MDB probe: BSI Bank told to stop operations in S'pore"; May 25).
The fact that three financial giants, including DBS Bank, were found to have lapses in their processes ("1MDB scandal: MAS raps three banks over control lapses"; yesterday) underscores the importance of protecting ourselves from money laundering risks.
Our regulatory framework has rules in place to detect and prevent the flow of illicit funds through the local financial system.
The Establishing AML and Know Your Customer (KYC) - where banks verify the identity of their customers - programmes are just part of the requirements banks need to fulfil to operate here.
In general, most banks have at least three lines of defence to deter and detect lapses in AML controls:
First, front-line operational units that own and manage risks.
Second, risk management and compliance units that monitor compliance.
Third, an independent assurance function, like internal audit.
However, lapses can still happen. The management may override the controls, employees may collude, or there may be a lax attitude in enforcing control and compliance.
But there are steps we can take to bolster existing lines of defence.
In assessing AML risks, compliance and internal audit functions should also assess the intangible aspects of the organisation, in addition to the policies, processes and procedures.
Organisational culture, tone at the top, and the management's philosophy and commitment level to integrity are examples of intangible aspects for which emphasis is often lacking.
Stakeholders must be cognisant of the internal and external operating environments, as these may affect management's approach in taking business risks, meeting budgets and other business objectives.
Other risk mitigation measures against lapses in AML controls would include establishing independent whistle-blowing channels. Often, employees are afraid of the consequences of becoming a whistle-blower. Organisations should provide protection for such employees.
The governance, risk management and compliance landscape grows ever more complex and so is the challenge to uphold robust standards.
The lines of defence should work in tandem and maintain vigilance to deter AML activities.
Teng Hui Yun (Ms)